Re: systemctl restart sddm

To: debian-kde@lists.debian.org
Subject: Re: systemctl restart sddm
From: inkbottle <inkbottle007@gmail.com>
Date: Sun, 29 Jul 2018 14:15:31 +0200
Message-id: <[🔎] 2111067.ZOAZYUS7Fp@pluto>
In-reply-to: <[🔎] 1962308.mjc0aB0M2o@tonks>
References: <[🔎] 7921984.7yLdGFzhaq@pluto> <[🔎] 3059471.vRrl8kFjGe@bslagw2> <[🔎] 1962308.mjc0aB0M2o@tonks>

On Friday, July 27, 2018 7:19:05 PM CEST Lisandro Damián Nicanor Pérez Meyer 
wrote:
> El miércoles, 25 de julio de 2018 11:48:55 -03 Andy G Wood escribió:
> > On Wednesday, 25 July 2018 15:01:37 BST inkbottle wrote:
> > [...]
> > 
> > > Also, introducing Haveged could lead to sensitive application using
> > > "questionable" entropy.
> > > 
> > > <quote>
> > > HAVEGE is a random number generator that exploits the modifications of
> > > the
> > > internal CPU hardware states (caches, branch predictors, TLBs) as a
> > > source
> > > of uncertainty. During an initialization phase, the hardware clock cycle
> > > counter of the processor is used to gather part of this entropy: tens of
> > > thousands of unpredictable bits can be gathered per operating system
> > > call
> > > in average.
> > > 
> > > https://security.stackexchange.com/questions/34523/is-it-appropriate-to-> > > us
> > > e-> haveged-as-a-source-of-entropy-on-virtual-machines </quote>
> > > 
> > > That seems sound to me... But some security issues that have been found
> > > lately seem also so terribly remote.
> > 
> > But for completeness also review the haveged FAQ [1].
> > 
> > Andy.
> > 
> > [1] http://www.issihosts.com/haveged/faq.html
> 
> And another option is rng-tools.

I have, kind of, reviewed the two options, and I would have a slight 
preference for rng-tools, mostly because in my mind it would be easier to 
identify the culprit in case something is going wrong: "yet another cpu-
manufacturer-name scandal, flawed cpu lead to shuttle landing on Saturn 
instead of Mars".

Instead of Mr Smith virtual machine poorly configured... more information 
needed.

However, Haveged would work on any machine, whatever new or old it is, when 
rng-tools would require quite recent cpu.

I haven't tested yet if rng-tools would work out of the box, meaning just 
installing the package would make sddm start more quickly; also there are two 
packages of that name: rng-tools "unofficial" and rng-tools5.

I think if it works the two packaged could be put in alternative recommends 
dependency, with haveged being the default choice.

Reply to:

References:
- systemctl restart sddm
  - From: inkbottle <inkbottle007@gmail.com>
- Re: systemctl restart sddm
  - From: Andy G Wood <agw@bas.ac.uk>
- Re: systemctl restart sddm
  - From: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>

Prev by Date: Re: systemctl restart sddm
Next by Date: Re: Qt transition about to start
Previous by thread: Re: systemctl restart sddm
Next by thread: Libreoffice 6.1 with KDE support
Index(es):
- Date
- Thread